Trinity reveals €974,781 loss to email fraud last year

The scam was directed at the Trinity Foundation fundraising wing

Trinity is still attempting to retrieve almost €1 million which was lost to a fraudulent scam directed at the Trinity Foundation last year, according to a report published in the Irish Examiner. The scam targeted thousands of Trinity Foundation donors, and resulted in donors giving money to individual bank accounts purporting to be acting on behalf of the foundation.

The amounts lost were not immediately revealed when the fraud was first reported. The total costs were outlined in a governance and financial control statement, where Provost Dr Patrick Prendergast and Chief Financial Officer Ian Matthews revealed that the total costs amounted to €974,781. These deficits are to be funded through the university’s commercial revenues. However, the costs are also inclusive of legal fees and computer forensics services which were necessary to establish the cause of the fraud.

The breach was discovered in April of last year, with a related major probe freezing €250,000 in UK and US bank accounts until their origins could be determined. Trinity initially issued warning emails to foundation donors entitled: “Data Breach Notification from Trinity Foundation.”

According to the email: “An email account belonging to one of Trinity Foundation’s employees appears to have been compromised by an apparent phishing/malware attack. It seems that the attackers had access to this email account from February 7, 2017.”

It went on to say: “We are taking measures to try to ensure that such an incident will not occur again. The Foundation is committed to maintaining the highest standard of governance and is re-examining internal procedures to ensure that they are robust.”

Trinity have also stated more recently that: “The university is continuing its efforts to recover funds through legal action and liaison with its insurers and with police and state authorities in Ireland, the UK and Germany.” Control of payment processes was immediately transferred to Trinity’s financial services division after the fraud’s discovery to further this interest.

The foundation has seen an income rise from €53 million in 2015 to €73 million in 2016. It also plans to increase this level of donations to €400 million by 2021. The breach was only discovered as a results of concerns raised by police in the UK to Bank of Ireland over a number of suspicious transactions.

However, a report which was released today alongside the governance and financial control statement showed that the same amount was spent in the 2016/2017 which did not comply with guidelines on public procurement. The report from the comptroller and auditor general revealed that the goods and services prices for 18 suppliers reached €981,000.

The same statement showed that over 99% of the spending in Trinity was fully compliant with public procurement laws and that wherever possible the university used the services and frameworks of the Office of Government Procurement and the Education Procurement Service, and it continues to work towards 100% compliance in the area.

Trinity spent €345 million in the previous year, which saw an increase of €17.9 million on the year which ended in September 2016. However, while its expenditure rose, it also saw a rise in income to €355.8 million. This is because Trinity received €20 million higher research and academic fee income, but also as a result of the first state grants issued in many years.